bugsearch.net XSS vulnerability

I just submitted two “exploits” to bugsearch.net and was able to view them on the website although they were not published yet by the staff members. This can be done by viewing the RSS feed and then clicking on the latest link (e.g. your submitted sploit).

I submitted an exploit which contains XSS code. Surprisingly this code gets parted when you view the submitted content. XSS is possible 🙂